Tip 15/21: Secure your Google Account, now.As we’ve seen throughout the series - Google has lot’s of information about you. Don’t you think it’s a good idea to do everything you can to protect that data and keep it safe?

It’s a simple yet very powerful concept. Two step verification means that after you correctly submit your password, you reach a secondary screen which another code you’re asked to enter.

The verification code is sent (for free) within 5 seconds to your phone, via sms or voice call. You then need to insert that 6 digits code into the password box in order to login to your account.

► Why is this good?

Imagine someone is trying to hack into your account and managed to to get hold of your password, which you’ll be surprised to hear - isn’t that difficult (more at the end of the post).

If you’ve enabled two step verifications for your account, the evil hacker will have a slight problem after successfully typing in your password. He’ll need to type in the 6 digits code as well, which he can only get if he managed to get hold of your phone as well.

And it gets even better! Once the guy tries to hack into your account with the password - your phone (which is hopefully in your pocket) will get a sms message with a 6 digits code! And if you weren’t the one who requested the code, it means someone else did, which means someone is trying to hack into your account.

Doesn’t it become irritating to insert two codes each time?

Not at all! If you’re logging in to your account from a private computer, you can check the “Trusted Computer” box which will then allow you to log in with your password alone - just as you did before.

What if you don’t have your phone or don’t have reception?Good question, but there’s a simple answer for that as well.

► Backup codes.Google allows you to print backup codes which are meant exactly for these types of situations. Each backup code is 8 digits long and can be used only once before being deactivated. You can print up to 10 codes each time, and generate new ones at any stage.

► Recovery phone.If you set up a recovery phone for your account, you can ask Google to send the code to that phone instead.

► Trusted computers.If you’re without your phone or recovery codes, you can access your account via a trusted computer (since that computer won’t ask you for the verification code).

Note before advancing to the next stage

After you enable the two step verification for your account you’ll be logged out of your Google acount in on all of your devices, and will also be asked to insert an App specific code for apps connected to your Google acount (more about this here: bit. ly/1qh35XS).

Ok got it. How do I enable 2 step verification for my account?

Follow this simple tutorial by Google: bit. ly/1qh3o5e

*Google Apps users, in order for this to work for you and your colleagues, you need to enable this feature at the top domain level (ask if you have questions about this).

It’s surprising how simple it is for someone with access to your computer, to find your hidden passwords.

► Chrome Passwords to Text

If you’ve allowed Chrome to remember a password for a specific website (i.e. Gmail), your password can be easily revealed. I admit this is a bit geeky, but it’s actually really simple to do.

Head over to Gmail (or any other website that saved your password) and once the password (black dots) appear in the password box, highlight the password, right click it and select “Inspect Element”.

Then in the pop up window, change the highlighted input field from “password” to “text”, i.e. from <input type=”password”> to <input type=”text”>. This will immediately convert the dotted hidden password to text and reveal your password.

► Chrome save passwords

An even more simple thing to do would be to insert “chrome://settings/passwords” into the URL address bar in Chrome.

This will open up a list which contains all the password you’ve ever saved to chrome, and a simple click on the blue “show” button will reveal the password for that specific site. You can even search for a website in the list. Yes, it’s that easy!

Why am I sharing this you ask?

To show you how simple it can be for someone with bad intentions to find your password, and to urge you to take action and set up the 2 step verification for your account.

I mean think about it.. If I know about these two things (which I just happened to stumbled across at labnol .org), what could people who know a thing or two about hacking do to find your password?

Search Posts

Featured Posts

You can follow what I am doing across my social channels. While I do my best to reply directly, if you need to contact me for work related issues, please use LinkedIn. I am an open networker on that platform, and I welcome connecting with you and any referrals. Thank you.